Internal signal diversion apparatus and method for mobile communication devices

ABSTRACT

A mobile communications device includes a display, a plurality of sources which may comprise at least one microphone and/or at least one camera, a wireless communications module, a main processor, and a secured processor inaccessible by the main processor. A housing of the device is configured for hand-held manipulation and to support the display, the sources, the communications module, the main processor, and the secured processor. A switch is actuatable by a user of the device and coupled to at least the sources, the main processor, and the secured processor. The switch is configured to divert signals produced by the sources away from the main processor when activated, and couple signals produced by the sources to the main processor when deactivated.

RELATED PATENT DOCUMENTS

This application is a continuation of U.S. Ser. No. 14/867,612, filed on Sep. 28, 2015, which is a continuation of U.S. Ser. No. 14/248,326, filed Apr. 8, 2014, now U.S. Pat. No. 9,147,068, to which priority is claimed and both of which are hereby incorporated herein by reference in its entirety.

SUMMARY

Embodiments are directed to an apparatus and method for providing secured communications between a communication device and remote entities. Embodiments are directed to an apparatus and method for providing secured communications between a mobile communication device and remote entities while operating in one or more privacy modes selectable by a user of the device. According to some embodiments, a mobile communications device includes a display, one or more sources, a wireless communications module, and a main processor. The device also includes a secured processor inaccessible by the main processor. A housing of the device is configured for hand-held manipulation and to support the display, the one or more sources, the communications module, the main processor, and the secured processor. A switch is actuatable by a user of the device and coupled to at least the one or more sources, the main processor, and the secured processor. The switch is configured to divert signals produced by the one or more sources away from the main processor when activated, and couple signals produced by the one or more sources to the main processor when deactivated. In some embodiments, the one or more sources comprise at least one microphone and/or at least one camera.

In accordance with other embodiments, a mobile communications device includes a display, one or more sources, a wireless communications module, and a switch matrix configured to selectively couple the one or more sources to an unsecured transmission path within the device and to a secured transmission path within the device. A main processor is coupled to the switch matrix via the unsecured transmission path, and the secured transmission path is inaccessible by the main processor. A switch mechanism is coupled to the switch matrix and activatable by a user of the device. The switch matrix is configured to couple the one or more sources to the secured transmission path and decouple the one or more sources from the unsecured transmission path in response to activation of the switch mechanism. The switch matrix is also configured to couple the one or more sources to the unsecured transmission path and decouple the one or more sources from the secured transmission path in response to deactivation of the switch mechanism. In some embodiments, the one or more sources comprise at least one microphone and/or at least one camera.

According to further embodiments, a mobile communications device includes a display, an unsecured transmission path within the device, and a secured transmission path within the device. The unsecured transmission path comprises one or more unsecured sources, a main processor coupled to the one or more unsecured sources, and an unsecured wireless communications module coupled to the main processor. The secured transmission path is inaccessible by the main processor and comprises one or more secured sources, a secured processor coupled to the one or more secured sources, and a secured wireless communications module coupled to the secured processor. A switch is actuatable by a user of the device and coupled to the unsecured transmission path and the secured transmission path. The switch is configured to enable the secured transmission path for operation and disable the unsecured transmission path for operation when activated. The switch is also configured to enable the unsecured transmission path for operation and disable the secured transmission path for operation when deactivated. In some embodiments, the one or more sources comprise at least one microphone and/or at least one camera.

In accordance with some embodiments, a method involves respectively generating an activation signal and a deactivation signal in response to user activation and deactivation of a switch of a mobile communication device. The device comprises a display, one or more sources, a wireless communications module, an unsecured transmission path comprising a main processor, and a secured transmission path inaccessible by the main processor. The method also involves coupling the one or more sources to the secured transmission path and decoupling the one or more sources from the unsecured transmission path in response to the activation signal. The method further involves coupling the one or more sources to the unsecured transmission path and decoupling the one or more sources from the secured transmission path in response to the deactivation signal. In some embodiments, the one or more sources comprise at least one microphone and/or at least one camera.

The above summary is not intended to describe each disclosed embodiment or every implementation of the present disclosure. The Figures and the detailed description below more particularly exemplify illustrative embodiments.

BRIEF DESCRIPTION OF THE DRAWINGS

Throughout the specification reference is made to the appended drawings, where like reference numerals designate like elements, and wherein:

FIG. 1 illustrates an embodiment of a secured communications methodology in accordance with various embodiments;

FIG. 2 illustrates an embodiment of a secured communications methodology in accordance with some embodiments;

FIG. 3 illustrates an embodiment of a secured communications methodology in accordance with other embodiments;

FIG. 4 illustrates an embodiment of a secured communications methodology in accordance with further embodiments;

FIG. 5 illustrates an embodiment of a secured communications methodology in accordance with some embodiments;

FIG. 6 illustrates an embodiment of a secured communications methodology in accordance with other embodiments;

FIG. 7 is a block diagram of a mobile communication device configured to implement a secured communications methodology in accordance with various embodiments;

FIG. 8 is a block diagram of a mobile communication device configured to implement a secured communications methodology in accordance with some embodiments;

FIG. 9 is a block diagram of a mobile communication device configured to implement a secured communications methodology in accordance with other embodiments;

FIG. 10 is a block diagram of a mobile communication device configured to implement a secured communications methodology in accordance with further embodiments;

FIG. 11 is a block diagram of a mobile communication device configured to implement a secured communications methodology in accordance with some embodiments;

FIG. 12 is a block diagram of a mobile communication device configured to implement a secured communications methodology in accordance with other embodiments;

FIG. 13 is a block diagram of a mobile communication device configured to implement a secured communications methodology in accordance with various embodiments; and

FIG. 14 is a representative mobile communication device configured to implement a secured communications methodology in accordance with various embodiments.

The Figures are not necessarily to scale. Like numbers used in the Figures refer to like components. However, it will be understood that the use of a number to refer to a component in a given Figure is not intended to limit the component in another Figure labeled with the same number.

DETAILED DESCRIPTION

In the following description, reference is made to the accompanying set of drawings that form a part of the description hereof and in which are shown by way of illustration several specific embodiments. It is to be understood that other embodiments are contemplated and may be made without departing from the scope of the present disclosure. The following detailed description, therefore, is not to be taken in a limiting sense.

Unless otherwise indicated, all numbers expressing feature sizes, amounts, and physical properties used in the specification and claims are to be understood as being modified in all instances by the term “about.” Accordingly, unless indicated to the contrary, the numerical parameters set forth in the foregoing specification and attached claims are approximations that can vary depending upon the desired properties sought to be obtained by those skilled in the art utilizing the teachings disclosed herein. The use of numerical ranges by endpoints includes all numbers within that range (e.g. 1 to 5 includes 1, 1.5, 2, 2.75, 3, 3.80, 4, and 5) and any range within that range.

Embodiments of the disclosure are directed to an apparatus and method for providing enhanced privacy for mobile communication devices. Embodiments are directed to an apparatus and method of ensuring privacy of conversations, text, data, and video exchanges between mobile communication devices and remote entities via a network. Embodiments are directed to an apparatus and method for preventing surreptitious access by remote entities to voice, text, data, video, and other information generated or received by a mobile communication device. Embodiments are directed to an apparatus and method for preventing surreptitious access by remote entities to specified components and transmission paths within a mobile communication device.

FIG. 1 illustrates an embodiment of a secured communications methodology in accordance with various embodiments. According to FIG. 1, a secured communications method involves transmitting 102 signals produced by one or more sources of a mobile communication device along transmission paths within the device and/or via external transmission paths. The one or more sources of the device may include one or more of a microphone, a camera, and various sensors. The method involves determining 104 if a user actuatable switch of the device has been activated by a user of the device. In various embodiments, the switch can be actuated by a user to selectively enable and disable one or more privacy modes of device operation. In response to user activation of the switch, transmission of signals produced by the one or more sources is terminated 110 within the device according to some embodiments. Other components of the device, such as a speaker, an audio output jack, a video output jack, and a data interface jack, for example, may also be terminated within the device. Termination of source signal transmission within the device ensures that signals produced by sources of the mobile communication device are unavailable to other components of the device that may be susceptible to surreptitious access during times in which privacy as desired. The privacy mode of device operation illustrated in FIG. 1 can be enabled during periods of device idleness, such as during a business meeting, where limited operation of the devices is desired.

During times when the switch is not activated 104, the mobile communication device operates in a normal fashion, with signals produced by sources of the mobile communications device being transmitted 120 via transmission paths within the device that include unsecured transmission paths. Source signals transmitted via the unsecured transmission path are communicated 122 to an external location, such as occurs during normal voice, text and/or video communication between a user of the device and a remote communication device. As part of normal operation of the device, signals can be received 122 from an external location (e.g., via a cellular connection or an external microphone such as by way of a BlueTooth™ headset or earpiece), and the received signals are transmitted 124 via transmission paths that include an unsecured path within the device and processed in a normal fashion.

In the context of various embodiments of the disclosure, an unsecured transmission path refers to a communication path, link or channel that is susceptible to surreptitious access by way of hardware and/or software internal or external of the mobile communication device which can be used to intercept signals transmitted within the device or to eavesdrop on the operation of the device. An unsecured transmission path can refer to or include a physical path (e.g., electrical conductor, optical link), a hardware component (e.g., processor, transceiver, memory, input/output interface, radio), a software component (e.g., operating system, application software, firmware, middleware, codecs, drivers), a wireless communication path, link or channel, or any combination of these elements. One illustrative example of an unsecured transmission path within a mobile communication device is a path between the main processor and/or operating system of the device and a microphone or camera of the device. In the absence of enhanced security features provided by embodiments of the present disclosure, signals produced by the microphone or camera (or other sources and sensors of the device) can be surreptitiously accessed by a remote entity via the main processor, the operating system of the device or other device or unsecured point of access.

FIG. 2 illustrates a secured communications methodology in accordance with other embodiments. FIG. 2 illustrates a privacy mode involving active operation of a mobile communication device, such as when a user is having a conversation (e.g., voice only or with video) with another person via a remote device at a remote location. Because active operation of the device generally requires use of one or more sources (e.g., a microphone, a camera), the privacy mode of operation illustrated in FIG. 2 provides for secured communications using secured transmission paths within the device. In accordance with the methodology illustrated in FIG. 2, secured communications involves transmitting 202 signals produced by one or more sources of a mobile communication device along transmission paths within the device and/or via external transmission paths. The method involves determining 204 if a user actuatable switch of the device has been activated by a user of the device. In response to user activation of the switch, signals produced by sources of the device are transmitted 210 along a secured transmission path within the device. Other components of the device, such as a speaker, an audio output jack, a video output jack, and a data interface jack, may also be coupled to secured transmission paths within the device in response to activation of the switch. The method also involves communicating 212 source signals transmitted via a secured path within the device to an external location and/or to unsecured paths or components of the device.

The method may further involve receiving 214 signals from the external location, and transmitting 216 the received signals via a secured path within the device. The received signals may be transmitted to one or more components of the device, such as a speaker, audio jack, video jack, data jack or a display, for example. Communication of source signals along secured transmission paths within the device ensures that signals produced by sources of the mobile communication device and signals received by the device are unavailable to other components of the device that may be susceptible to surreptitious access during times in which privacy as desired.

When the switch is not activated 204, the mobile communication device operates much in the same way as a typical commercial device (referred to herein as a normal operating mode), with internal signals produced by sources of the device and external signals received by the device communicated along transmission paths that include unsecured transmission paths. For example, source signals can be transmitted via unsecured transmission paths can be communicated 220 to an external location, such as occurs during normal voice, text and/or video communication between a user of the device and a remote communication device. Signals can be received 222 from an external location, and the received signals can be transmitted 224 via unsecured paths within the device and processed in a normal fashion.

FIG. 3 illustrates a secured communications methodology in accordance with embodiments involving a mobile communication device which includes one or more microphones and one or more cameras. The method shown in FIG. 3 involves activating 302 a switch of the mobile communication device by the user of the device. Activation of the switch enables a privacy mode of the device. The method involves diverting 304 signals produced by the microphones, cameras, and optionally other components of the device away from a main processor of the device, which may be susceptible to surreptitious access, in response to activating the switch. In response to deactivating the switch, signals produced by the microphones, cameras, and optionally other components are coupled 306 back to the main processor, allowing the device to resume a normal operating mode.

FIG. 4 illustrates a secured communications methodology in accordance with various embodiments involving a mobile communication device which includes one or more microphones, one or more cameras, and one or more sensors. Representative examples of sensors that can be incorporated in or operated in conjunction with the mobile communication device include a GPS sensor, accelerometer(s), gyroscope(s), magnetometer(s), barometer, thermometer, proximity sensor, ambient light sensor, compass, heart rate sensor, and a pedometer, among others. In some embodiments, the one or more sensors are integral to the mobile communication device, while in other embodiments, the one or more sensors are external of the mobile communication device and are communicatively coupled thereto via a wired or wireless communication link. In further embodiments, a combination of integral and external sensors can be included within a system that includes the mobile indication device.

The method illustrated in FIG. 4 involves activating 402 a switch of the mobile communication device by the user of the device, thereby activating a privacy mode of the device. The method involves diverting 404 signals produced by the microphones, cameras, sensors (e.g., some or all of the sensors), and optionally other components of the device away from a main processor of the device, which may be susceptible to surreptitious access, in response to activating the switch. In response to deactivating the switch, signals produced by the microphones, cameras, sensors, and optionally other components are coupled 406 back to the main processor, allowing the device to resume a normal operating mode.

FIG. 5 illustrates a secured communications methodology in accordance with various embodiments involving a mobile communication device which includes one or more microphones, one or more cameras, and a secured processor. The secured processor can be embodied as one or more of a processor, a controller, or a logic device that is communicatively coupled to one or more secured transmission paths within the mobile communication device. The secured processor typically includes a secured operating system configured for operation independent of the operating system of the main processor of the mobile communication device.

In some embodiments, the secured processor is configured to implement encryption algorithms to encrypt input signals (e.g., voice, text, data, video) in accordance with a predefined encryption protocol. In such embodiments, the secured processor is configured to implement decryption algorithms to decrypt signals received by the secured processor in accordance with a predefined decryption protocol. Representative encryption/decryption algorithms include those suitable for communicating information via a specified data network or networks (e.g., CSD GSM, PSTN, ISDN, UMTS, GPRS, HSDPA). Suitable algorithms that can be implemented by the secured processor include key-based algorithms based on AES and RSA protocols, and possibly other methods, including unique and specialized algorithms.

The method shown in FIG. 5 involves activating 502 a switch of the mobile communication device by the user of the device, thereby enabling a privacy mode of device operation involving the secured processor. The method involves diverting 504 signals produced by the microphones and cameras of the device away from a main processor of the device, which may be susceptible to surreptitious access, and to the secured processor in response to activating the switch. Other components of the device (e.g., speaker, audio/video/data jacks, display) may optionally be coupled to the secured processor in response to switch activation. In response to deactivating the switch, signals produced by the microphones and cameras (and optionally other components) are coupled 506 back to the main processor and away from the secured processor, allowing the device to resume a normal operating mode.

FIG. 6 illustrates a secured communications methodology in accordance with various embodiments involving a mobile communication device which includes one or more microphones, one or more cameras, one or more sensors, and a secured processor. As previously described, the secured processor can be embodied as one or more of a processor, a controller, or a logic device that is communicatively coupled to one or more secured transmission paths within the mobile communication device. The secured processor includes a secured operating system configured for operation independent of the operating system of the main processor of the mobile communication device, and may be configured to implement encryption and decryption algorithms according to various embodiments. The method shown in FIG. 6 involves activating 602 a switch of the mobile communication device by the user of the device, thereby enabling a privacy mode of device operation involving the secured processor. The method involves diverting 604 signals produced by the microphones, cameras, sensors, and optionally other components of the device away from a main processor of the device and to the secured processor in response to activating the switch. In response to deactivating the switch, signals produced by the microphones, cameras, sensors, and optionally other components are coupled 606 back to the main processor and away from the secured processor, allowing the device to resume a normal operating mode.

FIG. 7 is a block diagram of a mobile communication device configured to implement a secured communications methodology in accordance with various embodiments. The mobile communication device 700 shown in FIG. 7 includes a housing 702 configured for hand-held manipulation and to support various components of the device 700. For purposes of simplicity of explanation, FIG. 7 includes selected components of the device 700 that are involved in providing for secured communications in accordance with various embodiments. The device 700 includes a number of sources 704, such as one or more microphones and one or more cameras, coupled to a switch 710. The switch 710 includes a switching matrix 714 which has inputs coupled to the sources 704. Activation and deactivation of the switching matrix 714 is controlled by a switch mechanism 712, which is accessible to the user. The switch mechanism 712 may include a mechanical, electrical, electro-mechanical, electronic, optical, voice-activated or other type of switch that can be activated and deactivated by a user of the device 700.

The switching matrix 714 is configured to controllably switch the sources 704 to one of several transmission paths within the device 700. In some embodiments, the device 700 includes unsecured transmission paths 720 and secured transmission paths 722, and the switch mechanism 712 is configured to facilitate user initiated switching of the sources 704 between the unsecured transmission paths 720 and secured transmission paths 722. In other embodiments, the device 700 includes unsecured transmission paths 720, secured transmission paths 722, and termination paths 724, and the switch mechanism 712 is configured to facilitate user initiated switching of the sources 704 between the unsecured transmission paths 720, the secured transmission paths 722, and the termination paths 724. The termination paths 724 can be implemented as open circuits or as termination loads.

The block diagram of the device 700 shown in FIG. 7 includes a secured region 716 denoted by a dotted line. Components of the device 700 included within the secured region 716 include the switch 710, secured transmission paths 722, an encryption/decryption module 718, and a secured processor 719. The encryption/decryption module 718 and secured processor 719 are outlined by a dotted line to indicate that these components may be included or excluded depending on the particular design of the device 700. The unsecured transmission paths 720 and termination paths 724 are illustrated as components of the device 700 residing outside of the secured region 716. It is noted that the terminations paths 724 may be included within the secured region 716 in some embodiments. A main processor 706 is coupled to the switching matrix 714 via an unsecured path 720. Because the main processor 706 resides outside of the secured region 716, components and transmission paths within the secured region 716 are inaccessible by the main processor 706. As such, neither the main processor 706 nor devices external to the mobile communication device 700 can surreptitiously access signals transmitted within the secured region 716, including those produced by sources 704.

In the embodiment shown in FIG. 7, source signals transmitted along the secured transmission paths 722 can be encrypted by the encryption/decryption module 718, and transmitted to the main processor 706 or other component of the device 700 via an unsecured transmission path 720. Encryption of source signals and other information communicated along the secured transmission paths 722 ensures that any attempt to access such signals and information via an unsecured transmission path 720 is frustrated due to the encryption. Encrypted signals can be transmitted out of the device 700 via a wireless (or wired) communication interface and to a remote device 750 or other remote entity via a network 740 (e.g., cellular network, landline network, the Internet, and/or private network).

In some embodiments, functions of the encryption/decryption module 718 are implemented by encryption and decryption algorithms executed by the secured processor 719. The secured processor 719 can be configured to coordinate information flow through the secured region 716 and interfacing between components and unsecured transmission paths outside of the secured region 716. It is noted that the secured processor 719, encryption/decryption module 718, or other component that interface with unsecured transmission paths 720 of the device 700 can include firewall hardware and/or software to enhance protection against unintended or malicious access to the secured region 716 of the device 700.

FIG. 8 is a block diagram of a mobile communication device configured to implement a secured communications methodology in accordance with various embodiments. The mobile communication device 800 illustrated in FIG. 8 includes a number of sources 804 coupled to a switching matrix 814 which is controlled by a switch mechanism 812. The switch mechanism 812 may include a three-way switch 813, which allows user selection of one of three modes of device operation according to various embodiments. When a first state is selected by the user, indicated by position 1 of switch 813, the device 800 operates in a normal mode. In the normal mode of operation, sources 804 are coupled to the main processor 804 and other components of the device 800 (e.g., display 809) via unsecured transmission paths 820 via the switching matrix 814.

When a second state is selected by the user, indicated by position 2 of switch 813, the device 800 operates in an idle privacy mode, in which output signals from source devices 804 are diverted to termination transmission paths 824 via the switching matrix 814. In the idle privacy mode, an open circuit or other physical barrier can be provided to prevent source device signals from reaching the main processor 806 and/or other components of the device 800. The idle privacy mode can be deactivated by the user selecting position 1 of switch 813. Moving the switch 813 from position 2 to position 1, for example, causes the switching matrix 814 to decouple the sources 804 from the termination paths 824 and couple the sources 804 to the unsecured transmission paths 820.

When a third state is selected by the user, indicated by position 3 of switch 813, the device 800 operates in an active privacy mode, in which output signals from source devices 804 are diverted away from the unsecured transmission paths 820 and to the secured transmission paths 822 within the device 800. In the active privacy mode, signals from sources 804 can be communicated to the secured processor 805 and out of the device 800 via a secured communications module 807 according to some embodiments. In some implementations, the source signals can be encrypted by an encryption module 811 prior to being transmitted to the secured communications module 807. In other embodiments, signals from sources 804 received by the secured processor 805 can be communicated out of the device 800 via the unsecured communications module 808 by way of the encryption module 811 and/or a firewall. Encrypted signals transmitted out of device 800 can be communicated to a remote device 850 via a network 840. It is noted that, in some embodiments, encryption can be performed at the source 804, prior to the switching matrix 814, or prior to the secured processor 805 by a suitable encryption device and/or algorithm, rather than by the secured processor.

In other embodiments, source signals transmitted to and encrypted by the secured processor 805 can be communicated to an external location via the communications module 808 or other unsecured link. This scenario is an example of a secured transmission, because the source signals follow a fully secure path before they are encrypted, and subsequent privacy is afforded by the encryption despite transmission via an unsecure link. In a scenario involving receiving of encrypted signals from an external location via communications module 808 or other component (e.g., an audio, video or data jack of the device), privacy is afforded by the decryption of the received signals within the device (e.g., by the decryption module 813 of the secured processor 805) despite receiving the encrypted signals via an unsecure link. In this scenario, the received and subsequently decrypted signals follow a fully secure path after being decrypted.

The remote device 850 includes a decryption module 851 that operates on the encrypted signals received from the device 800 to recover the original source device information. Signals originating at the remote device 850 can be encrypted via an encryption module 853 and transmitted to the device 800 via the network 840. Encrypted signals transmitted by the remote device 850 can be received by the device 800 via the unsecured communications module 808, in some embodiments, or the secured communications module 807, in other embodiments. The encrypted signals received by the device 800 can be decrypted by the decryption module 811 of the secured processor 805. The active privacy mode can be deactivated by the user selecting position 1 of switch 813. Moving the switch 813 from position 3 the position 1 causes the switching matrix 814 to decouple the sources 804 from the secured transmission paths 822 and couple the sources 804 to the unsecured transmission paths 820.

FIGS. 9-13 are diagrams illustrating various configurations of a mobile communications device adapted to implement secured communication methodologies in accordance with various embodiments of the present disclosure. The embodiments of FIGS. 9-13 are intended to show a variety of representative device configurations for illustrative purposes, it being understood that other configurations are contemplated. It is noted that the embodiments shown in FIGS. 9-13 are described in the context of a mobile communication device (e.g., a mobile phone, smartphone, tablet, personal digital assistant, laptop), but that the secured communication methodologies disclosed herein may be implemented in stationary communication devices, such as desktops, security cameras, desktop telephones, television sets, set-top boxes, and webcams, among others. Embodiments of the disclosure can be implemented as part of telecommunications equipment of a vehicle, such as an automobile. The user actuatable switch may be located on a control panel or console of the vehicle, and may be actuated manually or via voice command (e.g., a hands-free implementation) by the user.

FIG. 9 shows a mobile communication device configured to implement a secured communications methodology in accordance with various embodiments. The device 900 shown in FIG. 9 includes a housing 902 configured for hand-held manipulation by a user. Supported within the housing 902 are a main processor 906, a display 909, and a communications module 908. Also included within the housing 902 is a switch 918 comprising a switch matrix 922 and a number of switches 924. The device 900 includes a number of components 904 each coupled to a respective switch 924 of the switch matrix 922. In some embodiments, the components 904 include one or more sources, one or more sensors, or a combination of sources and sensors. The sources and sensors may be of a type previously described herein. A switch mechanism 920 is coupled to the switch matrix 922 and mounted on the device 900 such that at least a portion of the switch mechanism 920 is accessible on an outer surface of the housing 902 by the user. The switch mechanism 920 can be actuated by a user to selectively activate and deactivate the switches 924 of the switch matrix 922.

During normal device operation, each of the components 904 is communicatively coupled to the main processor 906 via the switches 924 and transmission paths 903, respectively. In response to user actuation of the switch mechanism 920, the components 904 coupled to the switch matrix 922 are respectively decoupled from a transmission path 903 (e.g., unsecured transmission path) that includes the main processor 906 and other components (if applicable) susceptible to surreptitious access by an external entity. In the simplified illustration of switch matrix 922 shown in FIG. 9, activating the switch mechanism 920 by the user causes each of the switches 924 to create an open circuit, thereby preventing signal transmission between the components 904 and the main processor 906. Deactivating the switch mechanism 920 by the user causes re-coupling of signal transmission between each of the components 904 and the main processor 906 via the switches 924.

According to some embodiments, the mobile communication device 900 may be equipped with a tamper-proof switch 918 that, when activated intentionally or unintentionally, causes irreversible decoupling of the components 904. In some embodiments, the switch 918, alone or in combination with a “confirmation” switch (not shown), may be configured to irreversibly decouple the components 904 (all or selected components 904) from their respective transmission paths 903 when activated by the user. In other embodiments, the switch decoupling may be permanent, such as by activation of a fused connection and creation of a permanent open circuit. In further embodiments, irreversible decoupling of the components 904 from their respective transmission paths 903 can be considered irreversible by the user of the device 900, but reversible by a technician, such as by physically accessing a hardware reset mechanism (e.g., replacement of a fuse-like component) within the housing 902 of the device 900. In some embodiments, irreversible decoupling of the components 904 from their respective transmission paths 903 can be considered irreversible by the user of the device 900, but reversible by a technician, such as by connecting with the device 900 and resetting the switch 918 using a special software routine or code known only to the technician. Such embodiments provide for tamper-proofing of the mobile communication device 900 by the user, who may or may not be the owner of the device 900. For example, repeated attempts to gain access to the device 900 by a party

FIG. 10 shows a mobile communication device configured to implement a secured communications methodology in accordance with other embodiments. The device 1000 shown in FIG. 10 includes a number of sources and one or more sensors, each of which can be selectively coupled and decoupled to/from a main processor 1006 by selective actuation of a switch 1018 by a user. In FIG. 10, the main processor 1006 is coupled to a display 1009 and a communications module 1008. In the embodiment of FIG. 10, one or more cameras 1010, one or more microphones 1012, and one or more sensors 1014 are coupled to inputs of a switch matrix 1022 of the switch 1018, respectively. A switch mechanism 1020 is coupled to the switch matrix 1022 and mounted on the device 1000 such that at least a portion of the switch mechanism 1020 is accessible on an outer surface of the housing 1002 by the user. The switch mechanism 1020 can be actuated by a user to selectively activate and deactivate the switches 1024 of the switch matrix 1022.

During normal device operation, each of the cameras 1010, microphones 1012, and sensors 1014 is communicatively coupled to the main processor 1006 via the switches 1024 and transmission paths 1003, respectively. In response to user activation of the switch mechanism 1020, the cameras 1010, microphones 1012, and sensors 1014 coupled to the switch matrix 1022 are respectively decoupled from a transmission path 1003 (e.g., unsecured transmission path) that includes the main processor 1006 and other components (if applicable) susceptible to surreptitious access by an external entity. In the simplified illustration of switch matrix 1022 shown in FIG. 10, activating the switch mechanism 1020 by the user causes each of the switches 1024 to create an open circuit, thereby preventing signal transmission between the cameras 1010, microphones 1012, and sensors 1014 and the main processor 1006. Deactivating the switch mechanism 1020 by the user causes re-coupling of signal transmission between each of the cameras 1010, microphones 1012, and sensors 1014 and the main processor 1006 via the switches 1024.

FIG. 11 shows a mobile communication device configured to implement a secured communications methodology in accordance with further embodiments. The device 1100 shown in FIG. 11 includes a number of components 1104, each of which can be selectively coupled and decoupled to/from a main processor 1106 and to/from a secured processor 1105 by selective actuation of a switch 1118 by a user. In some embodiments, the components 1104 include one or more sources, one or more sensors, or a combination of sources and sensors. The sources and sensors may be of a type previously described herein. The main processor 1106 is shown coupled to a display 1109 and a communications module 1108. In the embodiment of FIG. 11, the components 1104 are coupled to inputs of a switch matrix 1122 of the switch 1118, respectively. A switch mechanism 1120 is coupled to the switch matrix 1122 and mounted on the device 1100 such that at least a portion of the switch mechanism 1120 is accessible on an outer surface of the housing 1102 by the user. The switch mechanism 1120 can be actuated by a user to selectively activate and deactivate the switches 1124 of the switch matrix 1122.

During normal device operation, each of the components 1104 is communicatively coupled to the main processor 1106 via the switches 1124 and transmission paths 1103, respectively. In response to user activation of the switch mechanism 1120, the components 1104 coupled to the switch matrix 1122 are respectively decoupled from a transmission path 1103 (e.g., unsecured transmission path) that includes the main processor 1106 (and other components susceptible to surreptitious access by an external entity) and coupled to the secured processor 1105. Deactivating the switch mechanism 1120 by the user causes re-coupling of signal transmission between each of the components 1104 and the main processor 1106, and decoupling of the components 1104 and the secured processor 1105 via the switches 1124.

In the embodiment shown in FIG. 11, the secured processor 1105 is coupled to the communications module 1108, to which the main processor 1106 is also coupled. The secured processor 1105 is preferably configured to encrypt and decrypt information transmitted between the secured processor 1105 and the communications module 1108. A firewall may also be provided between the secured processor 1105 and the communications module 1108. According to some embodiments, encrypted information (e.g., voice, text, data, video) is communicated between the secured processor 1105 and a remote device via a data channel when operating in a privacy mode in response to activation of the switch mechanism 1120. During a normal mode of operation in response to non-activation or deactivation of the switch mechanism 1120, voice data is typically communicated between the device 1100 and a remote device via a voice channel, while text and data is communicated via a data channel.

FIG. 12 shows a mobile communication device configured to implement a secured communications methodology in accordance with other embodiments. The device 1200 shown in FIG. 12 includes one or more cameras 1210, one or more microphones 1212, and one or more sensors 1214, each of which can be selectively coupled and decoupled to/from a main processor 1206 and to/from a secured processor 1205 by selective actuation of a switch 1218 by a user. The sensors 1214 can include one or more of a GPS sensor, accelerometer(s), gyroscope(s), magnetometer(s), barometer, thermometer, proximity sensor, ambient light sensor, compass, heart rate sensor, and a pedometer, among others. The main processor 1206 is shown coupled to a display 1209 and a communications module 1208.

In some embodiments, the secured processor 1205 is coupled to the communications module 1208 (and protected via an encryption/decryption module and/or a firewall), while in other embodiments the secured processor 1205 is coupled to a secured communications module 1215. In the embodiment shown in FIG. 12, the secured processor 1205 can be coupled to a secured display 1211 and a secured keypad 1213. The secured display 1211 may be a dedicated display (e.g., a small display compared to the main display 1209) or a separately driven portion of the main display 1209. The secured keypad 1213 may be embodied as a physical keypad or a virtual keypad presented within the secured display 1211. The secured keypad 1213 and display 1211 can facilitate implementation of various security features of the device 1200, such as secured input of PIN numbers and passwords and creation of secured texts and emails. The secured communications module 1215, secured display 1211, and secured keypad 1213 are inaccessible to the main processor 1206, the communications module 1208, and all other components that may be susceptible to surreptitious access by an external entity.

In the embodiment of FIG. 12, the cameras 1210, microphones 1212, and sensors 1214 are coupled to inputs of a switch matrix 1222 of the switch 1218, respectively. A switch mechanism 1220 is coupled to the switch matrix 1222 and mounted on the device 1200 such that at least a portion of the switch mechanism 1220 is accessible on an outer surface of the housing 1202 by the user. The switch mechanism 1220 can be actuated by a user to selectively activate and deactivate the switches 1224 of the switch matrix 1222. During normal device operation, each of the cameras 1210, microphones 1212, and sensors 1214 is communicatively coupled to the main processor 1206 via the switches 1224 and transmission paths 1203, respectively. In response to user activation of the switch mechanism 1220, the cameras 1210, microphones 1212, and sensors 1214 are respectively decoupled from transmission paths 1203 (e.g., unsecured transmission paths) that includes the main processor 1206 (and other components susceptible to surreptitious access by an external entity) and coupled to the secured processor 1205 via the switches 1224 and secured transmission paths 1207. Deactivating the switch mechanism 1220 by the user causes re-coupling of signal transmission between each of the cameras 1210, microphones 1212, and sensors 1214 and the main processor 1206, and decoupling of the cameras 1210, microphones 1212, and sensors 1214 from the secured processor 1205 via the switches 1224.

FIG. 13 illustrates an embodiment of a mobile communication device configured to implement a secured communications methodology in accordance with various embodiments. The mobile communication device 1300 shown in FIG. 13 provides a relatively high degree of security and privacy by virtue of a mirrored architecture. The device 1300 effectively incorporates a dual-device architecture, one unsecured and one secured, each of which can be operated substantially independently of the other. The unsecured architecture of the device 1300 includes various unsecured sources, sensors and components (e.g., data interfaces, audio jacks, video jacks) 1310 which are communicatively coupled to a main processor 1306. An unsecured memory 1307, an unsecured communications module 1308, and an unsecured display 1311 are coupled to the main processor 1306. The main processor 1306 is configured to implement a primary operating system of the device 1300. The unsecured components allow the mobile communication device to be operated as if it were a typical commercial device.

The secured architecture of the device 1300 includes various secured sources, sensors, and components (e.g., data interfaces, audio jacks, video jacks) 1312 which are communicatively coupled to a secured processor 1305 via secured transmission paths 1207. The secured processor 1305, which is configured to implement a secured operating system, is coupled to a secured memory 1313, a secured communications module 1309, and a secured display 1315. The secured memory 1313 may be accessed by secured components other than or in addition to the secured processor 1305. The secured processor 1305 may also be coupled to an optional secured keypad or other user input device (see, e.g., FIG. 12). The security components of the device 1300 are inaccessible to unsecured components of the device 1300 that may provide surreptitious access to the secured components.

The secured display 1315 may be a display or device separate from the unsecured display 1311 and located elsewhere on the housing 1302, such as on the rear surface of the housing 1302. The secured display 1315 may be relatively small in size in relation to the main (unsecured) display 1311, and may be a simple and/or technology-inferior device (e.g., monochromatic, inexpensive, non-touch screen). In some embodiments, the secured display 1315 is intended to be used for sending specific private communications, such as sensitive text messages, credit card or bank account information, or other private or sensitive information. The secured display 1315 is likely to be used very briefly, and can be connected via a switching arrangement to provide for switching between secured and unsecured components of the device 1300. For example, the secured display 1315 can be coupled to a switching arrangement that allows a user to use the main display 1311 for the bulk of a given interaction, then quickly switch to the secured processor and operating system 1305 for entering his/her bank account, or for sending a sensitive text message, and then switch back again to the unsecured processor 1306. The secured display 1315 may also be a physically separate device that is connected to the device 1300 via a special cable, such as one that uses a special secured communications protocol, or possibly via a secured wireless connection (e.g., by means of a proprietary encrypted wireless protocol).

The secured components, under the control of the secured processor and operating system 1305, allow the mobile communication device 1300 to be operated in one or more privacy modes. In some privacy modes, one or more unsecured components, transmission paths or resources may be utilized (e.g., wired or wireless headset or earpiece, external microphone, external speaker such as a Bluetooth® speaker), with proper security safeguards in place to provide an acceptable level of security (e.g., via encryption/decryption, firewalls, etc.). In other privacy modes, no unsecured component, transmission path or resource can access or provide a means to access to the security components of the device 1300, thereby precluding surreptitious access to the mobile communication device by a remote device or user. According to some embodiments, a common (unsecured) display 1311 is coupled to the main processor 1306, and also to the secured processor 1305 via an encryption/decryption module or firewall.

A switch 1318 is coupled to the unsecured device architecture and the secured device architecture of the device 1300. The switch 1318 includes a switch mechanism 1320 coupled to a switch 1322. The switch mechanism 1320 is mounted on the device 1300 such that at least a portion of the switch mechanism 1320 is accessible on an outer surface of the housing 1302 by the user. The switch mechanism 1320 can be actuated by a user to selectively activate and deactivate the switch 1322. During normal device operation, elements of the unsecured architecture (1310, 1306, 1308) are operative, and elements of the secured architecture (1312, 1305, 1309) are inoperative with respect to interactions between the device 1300 and the user and/or external entities. In response to user actuation of the switch mechanism 1320, a privacy mode of device operation is initiated. During the privacy mode of device operation, elements of the secured architecture (1312, 1305, 1309) are operative, and elements of the unsecured architecture (1310, 1306, 1308) are inoperative with respect to interactions between the device 1300 and the user and/or external entities. As in the case of other embodiments, information exchanged between the secured processor 1305 and external devices is preferably effected via a data channel, rather than a voice channel.

FIG. 14 is a representative mobile communication device configured to implement a secured communications methodology in accordance with various embodiments. The device 1400 shown in FIG. 14 includes a housing 1402 configured for hand-held manipulation by a user. The housing 1402 supports a display 1404, a front camera 1410, an ambient light sensor 1414, a first microphone 1416, an optional second microphone 1412, and a control button 1406, each accessible at a front surface of the housing 1402. A rear camera 1430 and flash unit 1432 are provided at a rear surface of the housing 1402. A speaker 1442 and data/power interface 1444 are provided along a lower side surface of the housing 1402. An upper side surface of the housing 1402 supports a number of switches, including volume increase and decrease buttons 1422, 1424 and a privacy mode switch 1420. The privacy mode switch 1420 is actuatable by the user to cause the device 1400 to operate in a normal mode of operation and one or more privacy modes of operation (e.g., idle privacy mode, active privacy mode), in accordance with embodiments disclosed herein. The device 1400 may be representative of a smartphone, a PDA, a tablet or other hand-held mobile communication device.

Although specific embodiments have been illustrated and described herein, it will be appreciated by those of ordinary skill in the art that a variety of alternate and/or equivalent implementations can be substituted for the specific embodiments shown and described without departing from the scope of the present disclosure. This application is intended to cover any adaptations or variations of the specific embodiments discussed herein. Therefore, it is intended that this disclosure be limited only by the claims and the equivalents thereof. 

What is claimed is:
 1. A mobile communications device, comprising: a display; a plurality of sources comprising at least one microphone and at least one camera; a wireless communications module; a main processor selectively coupled to an unsecured transmission path; a secured processor inaccessible by the main processor and being selectively coupled to a secured transmission path; a module configured to couple the main processor and the secured processor; a housing configured for hand-held manipulation and to support the display, the microphone, the camera, the communications module, the main processor, the secured processor, and the module; and a switch actuatable by a user of the device and coupled to at least the sources, the main processor, and the secured processor, the switch configured to: when activated, enable the secured transmission path for operation and disable the unsecured transmission path for operation; and when deactivated, enable the unsecured transmission path for operation and disable the secured transmission path for operation.
 2. The device of claim 1, wherein upon the secured transmission path being enabled the signals are communicated from the secured processor to the wireless communications module for transmission to an external location.
 3. The device of claim 1, comprising: a secured wireless communications module coupled to the secured processor; wherein upon the secured transmission path being enabled the signals are communicated away from the main processor and to the secured processor, and from the secured processor to the secured wireless communications module for transmission to an external location.
 4. The device of claim 1, wherein the secured processor is configured to encrypt the signals, and to decrypt signals received from an external location when the switch is activated.
 5. The device of claim 1, comprising: one or more sensors; wherein the switch is configured to: decouple the one or more sensors from the unsecured transmission path when activated; and recouple the one or more sensors to the unsecured transmission path when deactivated.
 6. The device of claim 5, wherein the switch is configured to: decouple the one or more sensors from the unsecured transmission path and couple the one or more sensors to the secured transmission path when activated; and recouple signals produced by the one or more sensors to the unsecured transmission path and decouple the one or more sensors away from the secured transmission path when deactivated.
 7. The device of claim 1, comprising a secured wireless communications module coupled to the secured processor and inaccessible by the main processor and the wireless communications module.
 8. The device of claim 1, wherein device is a mobile phone, a tablet or a laptop.
 9. The device of claim 1, wherein the device is configured for use in a vehicle, and the switch is disposed on a control panel of the vehicle or on a housing of the device.
 10. A mobile communications device, comprising: a display; a plurality of sources comprising at least one microphone and at least one camera; a wireless communications module; a switch matrix configured to selectively couple the sources to an unsecured transmission path within the device and to a secured transmission path within the device; a main processor coupled to the switch matrix via the unsecured transmission path, the secured transmission path inaccessible by the main processor; and a switch mechanism coupled to the switch matrix and activatable by a user of the device, the switch matrix configured to: couple the sources to the secured transmission path and decouple the sources from the unsecured transmission path in response to activation of the switch mechanism; couple the sources to the unsecured transmission path and decouple the sources from the secured transmission path in response to deactivation of the switch mechanism; couple the sources to terminated paths within the device and decouple the sources from the unsecured transmission path in response to activation of the switch mechanism; and couple the sources to the unsecured transmission path and decouple the sources from the terminated paths in response to deactivation of the switch mechanism.
 11. The device of claim 10, wherein the secured transmission path comprises a secured processor inaccessible by the main processor, and the switch matrix is configured to: couple the sources to the secured processor and decouple the sources from the unsecured transmission path in response to activation of the switch mechanism; and couple the sources to the unsecured transmission path and decouple the sources from the secured processor in response to deactivation of the switch mechanism.
 12. The device of claim 10, wherein: the secured transmission path comprises a secured processor and a secured wireless communications module coupled to the secured processor; and the secured transmission path is inaccessible by the main processor and the wireless communications module.
 13. The device of claim 10, comprising one or more sensors, wherein the switch matrix is configured to: couple the one or more sensors to the secured transmission path and decouple the one or more sensors from the unsecured transmission path in response to activation of the switch mechanism; and couple the one or more sensors to the unsecured transmission path and decouple the one or more sensors from the secured transmission path in response to deactivation of the switch mechanism.
 14. A mobile communications device, comprising: a display; a plurality of sources comprising at least one microphone and at least one camera; a wireless communications module; a switch matrix configured to selectively couple the sources to an unsecured transmission path within the device and to a secured transmission path within the device; a main processor coupled to the switch matrix via the unsecured transmission path, the secured transmission path inaccessible by the main processor; a module configured to couple the secured transmission path and the unsecured transmission path; and a switch mechanism coupled to the switch matrix and activatable by a user of the device, the switch mechanism is configured to move between a plurality of privacy operation states and a normal operation state where the plurality of sources are coupled to the main processor by unsecured transmission paths.
 15. The device of claim 14, wherein when the switch mechanism is in a first of the plurality of privacy operation states, the plurality of sources are coupled to termination paths.
 16. The device of claim 15, wherein when the switch is in a second of the plurality of privacy operation states, the plurality of sources are coupled to the secured transmission paths and decoupled from the unsecured transmission paths.
 17. A method, comprising: generating an activation signal and a deactivation signal in response to user activation and deactivation of a switch of a mobile communication device, the device comprising a display, a plurality of sources comprising at least one microphone and at least one camera, a wireless communications module, a main processor, a secured processor inaccessible by the main processor, and a module configured to couple the main processor and the secured processor; selectively decoupling the sources from the main processor and coupling the sources to the secured processor in response to the activation signal generated by activation of the switch; and selectively decoupling the plurality of sources from the secured processor and recoupling the plurality of sources to the main processor in response to the deactivation signal generated by deactivation of the switch.
 18. The method of claim 17, further comprising: selectively decoupling the sources from the main processor and coupling the sources to either the secured processor or termination paths in response to the activation signal generated by activation of the switch; and selectively decoupling the plurality of sources from either the secured processor or termination transmission paths and recoupling the plurality of sources to the main processor in response to the deactivation signal generated by deactivation of the switch. 